Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

FTP server on a window 2k3 server

Posted on 2004-09-09
10
Medium Priority
?
2,935 Views
Last Modified: 2009-09-24
I am trying to setup FTP server to have users login to their home directrory when they access ftp. I have setup the ftp site to "isolate users using active directory" and set the home directory path in the active directory profile. I get the following error when trying to login to ftp:
530 user administrator cannot log in, home directory inaccessible.
Login failed.

What could I be missing here?
0
Comment
Question by:jlongjr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 34

Expert Comment

by:Dave_Dietz
ID: 12036898
What exactly did you set for your user accounts in Active Directory?

Dave Dietz
0
 

Author Comment

by:jlongjr
ID: 12043607
In active directory I have set for each user their home directory which resides on the ftp server. I have set, under the profile tab, connect h: to the unc path of the directory. I have shared the folder with the user and administrator.
0
 

Author Comment

by:jlongjr
ID: 12044174
Also when I login, from a workstation, the drive is mapped to the user’s home directory that is specified.
0
Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

 

Author Comment

by:jlongjr
ID: 12047303
Ok This is going to hurt. I found that you have to modify msIIS-FTPRoot and msIIS-FTPDir properties of the active directory user account, but I don't know how. I will do some more digging and keep this post updated.

John
0
 

Author Comment

by:jlongjr
ID: 12048121
On the 2003 server with active directory and the ftp server I type the following commands.
iisftp.vbs /SetADProp jlong FTPRoot D:\Users
iisftp.vbs /SetADProp bart FTPDir \jlong

here is the path of the directory
D:\Users\jlong

It says the properties were set but when I try to ftp into the server and login I still get home directory inaccessable.
???
0
 

Author Comment

by:jlongjr
ID: 12056132
I am just giving up. I have setup a standard ftp site and set the root as the d:\ and I will use windows folder security to allow or restrict access to specific areas.
Just a note: I have Novell Netware servers running in my environment and the home directory specified in the user’s properties “environment” is automatically the home directory when they ftp into the Netware server. It is set that way by default and it is nice. I think I am going to setup another Netware server instead of using this crappie windows server! All you have to do is load ftp on the Netware server and no configuration is needed. Really, it is that easy!
0
 
LVL 1

Accepted Solution

by:
rifraf1 earned 2000 total points
ID: 12195243
Jlongjr,

I know how frustrating setting this up can be...  I also have an FTP server with FTP isolation through AD set up.  You were on the right track, but looks like there was one minor problem...

1)  Create the account and password in AD (e.g. username is "bob")
2)  Create the user's FTP directory (e.g. d:\inetpub\bob)
3)  Go to a command prompt
4)  Type:  iisftp /setadprop bob ftproot d:\inetpub
5)  Type:  iisftp /setadprop bob ftpdir bob

That's it...  Now when "bob" logs on, d:\inetpub\bob will be bob's root directory.

I hope this helps.


Rif
0
 
LVL 1

Expert Comment

by:rifraf1
ID: 12195299
Oh, and I heard there is supposed to be a snap-in for Active Directory which is supposed to list the FTP home directory in AD users, but I haven't found that one yet....  Why MS didn't include it as part of AD by default is beyond me.  I agree that it would be so much easier, and it just makes sense to include it by default.

Rif
0
 

Expert Comment

by:sygnatech
ID: 13757010
Rif,

I followed your procedures and that got me a little farther but cuteFTP will still not connect.  Here is a copy of the log:

            *** CuteFTP 6.0 - build Dec 23 2004 ***

STATUS:>        Getting listing ""...
STATUS:>        Connecting to FTP server 69.151.84.30:21 (ip = 69.151.84.30)...
STATUS:>        Socket connected. Waiting for welcome message...
            220 Microsoft FTP Service
STATUS:>        Connected. Authenticating...
COMMAND:>      USER aramirez
            331 Password required for aramirez.
COMMAND:>      PASS *****
            230 User aramirez logged in.
STATUS:>        Login successful.
COMMAND:>      PWD
            257 "/" is current directory.
STATUS:>        Home directory: /
COMMAND:>      FEAT
            211-FEAT
                SIZE
                MDTM
            211 END
STATUS:>        This site supports features.
STATUS:>        This site supports SIZE.
COMMAND:>      REST 100
            350 Restarting at 100.
STATUS:>        This site can resume broken downloads.
COMMAND:>      REST 0
            350 Restarting at 0.
COMMAND:>      PASV
            227 Entering Passive Mode (69,151,84,30,200,233).
COMMAND:>      LIST
STATUS:>        Connecting FTP data socket 69.151.84.30:51433...
            426 Connection closed; transfer aborted.
ERROR:>         Connection closed; transfer aborted.

I read somewhere else that ports 20 and 21 need to open?  I'm running on Small Business Server 2003.  How do I open port 20 IF that is the cause of this problem.  If not, any suggestions?  Thanks!

-- JW
0
 
LVL 1

Expert Comment

by:rifraf1
ID: 13764305
Hi JW,

Unfortunately, I don't use SBS2k3...  But from the log you posted, it appears as though you did successfully connect, but got booted upon attempting to transfer any data (the directory listing).

Just curious, but does your FTP server support passive mode?  Looks like you got booted upon attempting to connect to port 51433.  If your FTP server only supports active mode FTP, and your firewall blocks all ports not specifically opend by a running service, that would boot you as soon as you tried connecting to a port other than 20 or 21.  In active mode, 21 is used for FTP commands, and 20 is used for FTP data.

I'd recommend you check this out...  http://slacksite.com/other/ftp.html

Hope this helps.


Rif

ps. Just outta curiousity, can you connect to your FTP server via command prompt and performa a transfer/directory listing?  I would give this a shot just to eliminate the possibility of it being an issue with CuteFTP.  Also, when connecting via command prompt, make sure you find out if you are connecting via active or passive mode FTP.  If you connect via passive mode, and get booted, it may well just be an active vs. passive issue.
0

Featured Post

Tech or Treat! - Giveaway

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question